What is Ransomware?
Ransomware is a type of malware that encrypts a victim's files and then demands a ransom to restore access to them. The attacker may demand payment in either cryptocurrency or fiat currency to reverse the ransomware infection. Users are shown instructions for how to pay a fee to get the decryption key.
About Fileslock Ransomware
Fileslock ransomware is a malicious software known as ransomware. Fileslock encrypts all the files in a computer until the user pays a ransom. The ransomware drops a file named HOW_TO_RECOVER_DATA.html, containing the ransom note. Files encrypted by Fileslock Ransomware are appended with a .fileslock extension at the end.
Fileslock Ransomware has also been spotted inside the following files and processes: ['svhost.exe', 'f3f4909771e23ec301ae2a2c5945f25c.']
Fileslock Ransomware Capabilities
- Checks for available system drives (often done to infect USB drives)
- Creates a process in suspended mode (likely to inject code)
- Queries a list of all running processes
- Checks for available system drives
- Creates COM task schedule object
- Creates files inside the user directory
- May delete shadow drive data
- Disables UAC (registry)
- Creates or modifies windows services
- Queries a list of all running drivers
How protect from Fileslock Ransomware?
Ransomware is a type of malware that encrypts a victim's files, making them inaccessible. The attacker then demands a ransom from the victim to restore access to the data upon payment. There are a number of ways to protect against ransomware, such as backing up data, installing security software, and regularly updating software and devices.
- Use a reliable anti-malware program to remove the malicious files
- Restore your computer's files from a backup
- Use a strong password for all accounts online
- Use caution when opening email attachments, clicking on links, downloading software, or visiting websites